Scott Isaacs Presentationajaxexperience (Final)
Published in: Technology, Business
  • User’s view versus reality… Start with your site and then expand… explaining the user’s view versus what is really happening
  • Platforms - cloud data is valuable – the same attack vectors used against the PC now exist in the cloud. Currently hacking around for sharing data.
  • Quality of service demo, code throttling, etc. Use TICKING CLOCK!
  • Request untrusted content; Transform untrusted content; Interception; Profiling; QoS Protection; Wrap a sandbox around content; Associate with Policy; Bind to document node (optional); Execute…
  • JSON-ize HTML/CSS; inject interception, profiling, QoS hooks, and Lifecycle (factory) support. Performs an A->B transformation. Performs syntactic validation. No security at this point.
  • DO A DEMO OF A POLICY EXPLAINING DOCUMENT.BODY. Do prototype overriding and namespace explanation. addEventListener…
  • Some scenarios are so extreme, becoming a platform themselves. Local capabilities are being exposed, cloud capabilities are increasing in value. Be aware of these challenges in your applications…
  • Transcript

    • 1. Beyond IFrames: Web Sandboxes
      • Scott Isaacs
      • Software Architect
      • Microsoft
    • 2. How Web Sites are Built Today
      • Google Friend Connect
      • Youtube
      • The Web normally has a Same Origin Policy – but in practice, “your script works in my origin”
      • All JavaScript code in the page, regardless of origin, has the same trust level and permissions
      • If one bit of code fails or is compromised, the entire page/app/site can be compromised
      • Quick Demo…
      • Youtube
      • Google News
      • Error from Amazon
    • 3. Circles of (Dis)Trust
      • Diagram labels: Shared Frameworks, Affiliates, Images, Gadgets, Maps, You Tube, Your Code, Social Networks, Analytics, Search, Content, Display Ads, Images
    • 4. User’s Expectations ≠ Reality
      • Mismatch between browser security and expectations
      • O/S boundaries protected
      • Cross-domain content protected
      • Composite pages have a single policy
      • Aggregation (mash-ups) not protected
      • You need a composite policy for a composite page
      • Let’s secure the cookie…
    • 5. The growing risk…
      • Differentiation between Cloud and Local Services is blurring…
      • User Data being aggregated…
      • Personal Data (both local and cloud-based)
      • Storage, Photos, E-Mail, Social Network / Contacts, IM
      • Devices
      • Phones, GPS, Camera, etc.
      • …and exposed to…
      • Site Services
      • Rich Advertising, Analytics, Maps, Affiliate Programs
      • Site Extensibility
      • Gadgets, Libraries, etc.
    • 6. What about IFrames?
      • Still exploitable…
      • Run-away code…
      • Navigation…
      • Click-Jacking…
      • And not rich enough…
      • Designed for content embedding
      • Established fixed “policies”
      • Won’t work for display integration (e.g., fly outs)
      • Fails for tight integration w/ API’s, CSS
      • Isolation model, not a Security Architecture
    • 7. Web Sandbox
      • Isolate and secure the boundaries via composite host-defined policies
      • Builds on existing knowledge
      • Embrace existing programming patterns
      • Provides browser equalization
      • Open Source Project (Apache License)
    • 8. QoS - Going beyond security
      • Profiles executing code
      • Error tracking and recovery
      • Code Throttling
      • LifeCycle management
      • QoS Demo…
    • 9. Your Web Page
      • Creating Secure Containers
      • Diagram labels: Policy and Rules (×3), Web Sandbox Virtual Machine (×3), Untrusted Script (×3)
    • 10. Web Sandbox: The Big Picture
      • Trusted Host (e.g., Your Site)
      • Requests Content (untrusted)
      • Sandbox Virtual Machine (JavaScript Library)
      • Sandboxed Execution
      • Sandboxed Execution
      • Transformation Pipeline (Server or Client-based)
      • Untrusted Content
      • Virtualize Code
    • 11. Transformation Process
      • Request Resource
      • Parse Resource
      • Output JavaScript for execution within the Sandbox VM
      • Let’s take a look…
    • 12. Sandbox Virtual Machine
      • Validates execution against policies
      • Supports instancing and lifecycle
      • Monitors QoS via profiling & throttling
      • Protects external communication
    • 13. Policies
      • Contextually-aware API “tables”
      • Allow/Deny/Augment rules
      • Cascading model
      • Default “Gadget” Policy
      • Supports JavaScript / W3C DOM
      • Provides Namespace isolation
      • Demo…
    • 14. Trusted / Untrusted boundaries
      • Custom Policies to Surface Host APIs
      • Demo…
      • Mutually distrusted components sharing single “Trusted” Map
    • 15. Simple Integration…

        <!-- Sandbox virtual machine (JavaScript library) -->
        <script src="sandbox2.js"></script>
        <!-- Container the sandboxed content is bound to -->
        <div id="box"></div>
        <!-- Untrusted script, fetched through the transformation pipeline -->
        <script src="transform.ashx?type=script&guid=GadgetGUID&ua=IE8&url=http://siteexperts.com/untrusted.js"></script>
        <script>
        // Create a sandbox instance on the container under the default Gadget policy
        var instance = new $Sandbox(document.getElementById("box"), $Policy.Gadget, 'GadgetGUID');
        instance.initialize();
        </script>
    • 16. Closing Thoughts…
      • Web Application ecosystem is evolving
      • Applications getting richer via aggregation
      • More valuable services and personal data are exposed
      • The web security model must evolve
      • Web-sandbox adds protection across the boundaries
      • Sites can properly model and enforce the trust relationship
      • Sites can protect themselves and their users
      • Possible without redefining the web…
      • Go play with it (http://websandbox.livelabs.com)
    • 17. Questions?
      • Learn more at: http://websandbox.livelabs.com
      • Also don’t miss the panel Secure Mashups: Getting to Safe Web Plug-ins, Wednesday, 10:55am
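
The allow/deny/augment rules and cascading model from slide 13, enforced at the boundary the way slide 12 describes, sketched as an added example (not code from the talk or from the Web Sandbox project). It uses a standard `Proxy`; the names `basePolicy`, `gadgetPolicy`, `cascade`, `sandboxView`, `makeHostDocument` and `runGadget`, the rule strings and the `g1` namespace are assumptions, and the host document is a constructed stand-in so the block runs in Node.

```javascript
// Added example, not Web Sandbox code. A rule is "allow", "readwrite", "deny",
// or a function that augments (replaces) the host member.
const basePolicy = { title: "allow", cookie: "deny", write: "deny" };
// Hypothetical gadget policy: getElementById is confined to the gadget's own
// id namespace, and the gadget may set the title.
const gadgetPolicy = (ns) => ({
  title: "readwrite",
  getElementById: (doc, id) => doc.getElementById(`${ns}_${id}`),
});
// Cascade: later policies override earlier ones. The null prototype keeps
// inherited names such as "constructor" from being read as rules.
const cascade = (...policies) => Object.assign(Object.create(null), ...policies);

function sandboxView(target, policy, profile = {}) {
  const ruleFor = (name) => (typeof name === "string" ? policy[name] : undefined);
  const deny = (what, name) => { throw new Error(`policy denies ${what} ${String(name)}`); };
  return new Proxy(target, {
    get(obj, name) {
      const rule = ruleFor(name);
      profile[String(name)] = (profile[String(name)] || 0) + 1; // profiling hook
      if (rule === undefined || rule === "deny") deny("access to", name);
      if (typeof rule === "function") return (...args) => rule(obj, ...args);
      return typeof obj[name] === "function" ? obj[name].bind(obj) : obj[name];
    },
    set(obj, name, value) {
      if (ruleFor(name) !== "readwrite") deny("write to", name);
      obj[name] = value;
      return true;
    },
  });
}
// Constructed stand-in for the host document, so the example runs in Node.
function makeHostDocument() {
  const nodes = { g1_box: { text: "" }, nav: { text: "host navigation" } };
  return { title: "Host page", cookie: "session=constructed", nodes,
           getElementById: (id) => nodes[id] || null, write() {} };
}
// The "untrusted" gadget only ever sees the policy-mediated view.
function runGadget(doc) {
  const attempt = (fn) => { try { return fn(); } catch (e) { return e.message; } };
  return {
    ownNode: attempt(() => doc.getElementById("box")),
    hostNode: attempt(() => doc.getElementById("nav")),
    cookie: attempt(() => doc.cookie),
    title: attempt(() => (doc.title = "Gadget loaded")),
  };
}
```

Values returned through the view, such as the node from `getElementById`, are raw host objects here; a complete boundary would wrap them under the same policy before handing them to untrusted code.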
